>A user must have the TRUNCATE privilege to truncate a table or be the >tables owner.
Well the TRUNCATE example I mentioned is perhaps not explicit of what I meant to say. A user who can modify data in a client application can also modify data if he connects directly to the database, bypassing the client application, with commands like 'UPDATE tbl SET col = value' Even if a few rows are concerned, data is yet inconsistent. The only way to prevent this is by preventing a direct access to the sever via a client like psql for example. With or without use of SSL, it is not possible, unless I'm missing something. -- Sent via pgsql-general mailing list (pgsql-general@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
